Project

General

Profile

Task #61

Scripts for managing svn authz

Added by Dave Vieglais about 12 years ago. Updated about 12 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
Support Operations
Start date:
Due date:
% Done:

100%

Milestone:
None
Product Version:
*
Story Points:
Sprint:

Description

Issue

DataONE accounts and groups are managed through LDAP, however there is no mechanism for directly managing subversion access control groups from LDAP. Instead, a svn authz file needs to be created and updated each time a change to LDAP is made.

Resolution

Create a script that generates an svn authz file based on the LDAP groups. The scripts should be executable through cron (at a high frequency, e.g every 10 minutes to minimize latency) or hooked into the user management functions of plone.

Can probably modify existing "listusers" script from dataone tools. Also "lots of perl scripts" are regularly used by the NCEAS folks, so could probably adapt something form there.

History

#1 Updated by Matthew Jones about 12 years ago

Note that changing the svn authz file only affects subversion. Ideally, we would also want to configure trac with the same groups by adding the users to the appropriate groups in trac (which I have done with the web ui or via the trac-admin utility).

#2 Updated by Roger Dahl about 12 years ago

  • Status changed from New to Closed

Found script online: sync_ldap_groups_to_svn_authz.py (GPL).

Set up script with valid call that filters on dataone groups.

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)